Note that the byte order in mpi_fill_random_internal() is deliberate
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
parent
405b091d9e
commit
afb2bd2f22
1 changed files with 2 additions and 0 deletions
|
@ -2405,6 +2405,8 @@ cleanup:
|
|||
|
||||
/* Fill X with n_bytes random bytes.
|
||||
* X must already have room for those bytes.
|
||||
* The ordering of the bytes returned from the RNG is suitable for
|
||||
* deterministic ECDSA (see RFC 6979 §3.3 and mbedtls_mpi_random()).
|
||||
* The size and sign of X are unchanged.
|
||||
* n_bytes must not be 0.
|
||||
*/
|
||||
|
|
Loading…
Reference in a new issue